Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

213 advisories

Loading
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server... High Unreviewed
CVE-2024-4177 was published Jun 6, 2024
Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability Low
CVE-2024-34715 was published for ethyca-fides (pip) May 29, 2024
tariqajyusuf pattisdr
Ansible-core information disclosure flaw Moderate
CVE-2024-0690 was published for ansible-core (pip) Feb 6, 2024
Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device High
CVE-2023-43620 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
There exists a Denial of service vulnerability in Tink-cc in versions prior to 2.1.3.  * An... Unknown Unreviewed
CVE-2024-4420 was published May 21, 2024
TYPO3 vulnerable to an HTML Injection in the History Module Low
CVE-2024-34355 was published for typo3/cms-core (Composer) May 14, 2024
andreaskienast bnf
Improper escaping in XWiki Platform High
CVE-2020-13654 was published for org.xwiki.platform:xwiki-platform-web (Maven) Feb 9, 2022
Moodle Improper Encoding or Escaping of Output Moderate
CVE-2021-40694 was published for moodle/moodle (Composer) Sep 30, 2022
Apache Tomcat improperly escapes input from JsonErrorReportValve High
CVE-2022-45143 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jan 3, 2023
westonsteimel
Insert tag injection in the Contao login module Moderate
CVE-2019-19714 was published for contao/contao (Composer) Dec 17, 2019
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with... High Unreviewed
CVE-2023-36921 was published Jul 11, 2023
iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain... Critical Unreviewed
CVE-2023-46301 was published Oct 22, 2023
iTerm2 before 3.4.20 allow (potentially remote) code execution because of mishandling of certain... Critical Unreviewed
CVE-2023-46300 was published Oct 22, 2023
Improper encoding or escaping of output in Wing FTP Server (User Web Client) allows Cross-Site... Moderate Unreviewed
CVE-2023-37875 was published Sep 14, 2023
RTX TRAP v1.0 was discovered to be vulnerable to host header poisoning. Moderate Unreviewed
CVE-2022-31458 was published Jul 25, 2023
Controller DoS due to stack overflow when decoding a message from the server High Unreviewed
CVE-2023-24480 was published Jul 13, 2023
When copying a network request from the developer tools panel as a curl command the output was... Moderate Unreviewed
CVE-2023-23599 was published Jun 2, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an attacker can use a specially... Low Unreviewed
CVE-2023-32712 was published Jun 1, 2023
A vulnerability exists in a FOXMAN-UN and UNEM logging component, it only affects systems that... Moderate Unreviewed
CVE-2023-1711 was published May 30, 2023
WebAssembly wat2wasm v1.0.32 allows attackers to cause a libc++abi.dylib crash by putting '@'... Moderate Unreviewed
CVE-2023-31669 was published May 23, 2023
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)... High Unreviewed
CVE-2019-12675 was published May 24, 2022
Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD)... High Unreviewed
CVE-2019-12674 was published May 24, 2022
LibreOffice documents can contain macros. The execution of those macros is controlled by the... High Unreviewed
CVE-2019-9853 was published May 24, 2022
In Counter-Strike: Global Offensive before 8/29/2019, community game servers can display unsafe... Moderate Unreviewed
CVE-2019-15944 was published May 24, 2022
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows... Moderate Unreviewed
CVE-2019-3571 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database